On 04/13/2017 03:10 PM, Martijn Brinkers wrote:
On 04/12/2017 05:37 PM, Matthias Henze wrote:
Am 12.04.2017 um 17:20 schrieb Martijn Brinkers:
On 04/11/2017 10:18 PM, Matthias Henze wrote:
after the update to the latest version upstream verification does no
longer work for some reason. Postfix main.cf looks ok to me. I see:
djigzo_reject_unverified_recipient = reject
djigzo_unverified_recipient_reject_code = 550
smtpd_recipient_restrictions = permit_mynetworks
I've no clue why Postfix does not verify the mail addresses.
Why do you think Postfix is not verifying an email address?
Doped mails by telnet to invalid addresses an then ...
Did you receive an email for an invalid email
... revived error mails. As well as sending mails from external accounts
and then revived error mails
SMTP verification works by checking whether the next server accepts the
email address by sending a RCPT TO SMTP command. If the remote server
does not complain, then Postfix will assume the recipient is valid and
this result cached for some time. Could it be that the next server does
not validate the recipients? i.e., that it always returns that a
recipient is valid?
A typical setup of CipherMail is
Exchange <-> CipherMail <-> Internet
Note: Exchange is just an example
With SMTP verification, when an email comes in from the Internet, the
CipherMail gateway "asks" Exchange whether a recipient is valid or not.
If the Exchange server reports that the recipient is valid, CipherMail
will accept the message. This only works if Exchange knows about valid
recipients and does not report "Ok" for every recipient. If for example
Exchange is configured to allow relaying of email for the IP address of
the CipherMail server then Exchange will report "Ok" for every
recipient. You can check whether this is the case by logging into
CipherMail and use telnet to connect to your internal Mail server (in
this example Exchange) and check whether the mail server accepts invalid
$ telnet exchange.example.com
RCPT TO: invalidrecipient(a)example.com
The mail server should report that the recipient
invalidrecipient(a)example.com is an invalid recipient.
Note: the above check should be done from the CipherMail server to make
sure that the IP address used to connect to the internal mail server is
the same as the IP of CipherMail
CipherMail email encryption
Email encryption with support for S/MIME, OpenPGP, PDF encryption and
secure webmail pull.